--- # Source: uma/templates/service_account.yaml apiVersion: v1 kind: ServiceAccount metadata: name: uma namespace: caapm --- # Source: uma/templates/configmap_probeautoattach.yaml apiVersion: v1 kind: Secret metadata: namespace: caapm name: caaiops-probe-autoattach-certs data: key.pem: | LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUV3QUlCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQktvd2dnU21BZ0VBQW9JQkFRRGZFZXNvTkpoOThDN0oKWFFqcHdVanlSWFdDak9aM0UrZGRFN00xUzFWcm40aWM1QVJmeFE4NVErWDlBOUhpcmtzYzB0S3VBakJuZmkvYQp3YmlMbHU0T3IwaW84SFJiaTZvdDlIQUliNHdEZVNpcHAzOCtxVEdPMlZNWTFRNitVMGpLcnNBa01rbnBwUXJqCkVERUo1ODRNcUlMTVY4TDRERUs5UmIzNUJxRjlPNS9McXdhWlZwcmZiNm84QUwzUFVJelRWc2Y2Z2JJUjZHd2EKaFE3SEhycG1wRnFNYWM5MWtIM1E5ekE1a1pVa2dULzF4M3BQYnBUQTc4c3o4MDRmSGsxS3Y5T2tXbkQ0TGVrKwpReXR1NHZ6cnk2eHpPTm04K3pjSUNUQnVVR3plU2VlcEF4YzVjNm1QZjZ2Vk5LYTJqSzVvd2x2ZFpESFRxNGE3ClB1NmlPQ0JQQWdNQkFBRUNnZ0VCQUtGeEwzY1dzYktiek5DeFE0MGg5VEJhTXRTOE11UEZoUEhwR3c4Y0tZTk4KbjZxa244SE1OZHRsRjZPSlN6SzZuK1FKZEs2NUtOME9CNFpVSThMckJmbWN4SUo0SEU1UkEyWmsvVnd0bHZEQQpsRHhNM0J1MmlnWnZwT05ZOTJXcGt3b1ZkVHY5SlY4eXNuRnBPNFNHdnFxTW5yVlRZdWp3dnJDTE5CVnh4aGlDClgzdFpNeitJa2JvMmxlR094MTdSVUhZNVd5Ny9PS1dVVncwUjcwQzZ2bnIvZWhDZ2twazRqNnlCbUE1bFVnemoKcHZ1c3ZQWVFtNnVpdnc4cjJHK0xGbVlmbXZ1Q1JXN1VsS2NzL01ydGdDWTJLd3AyRXFpVTFLNFlPNCt5WGN1eApyTXlwTXVMeVZrMHFoN3NOeVV6M0VvWlRJNjBCZjRsS01pSEpXcFMvRkZrQ2dZRUE5VjJSbFBMWnhaak9zTkVCCkltdWU5UGVnbkh5SERsSjI4MjJicmRPdTJwL2tueVVoYWpndWE0WTVFcTFNSTRGaXRFSTJha2krTFpuN3N3ZHIKNEtDWXVnNFZkVEF1Q1F5QjNncHZoLytvSkJ0MllhNDJTQzBNcDJYT1c4YjMzTitCZElraldTM0hFcXVLU1N6Ngp6cFZpMVRldmljS2JrR1pRb1lFWXpSWnBwdFVDZ1lFQTZMejQyS28zMlQvZW8xb0QwL3pqSytIUHdhQ1ZucnE1CjMzblNHL0ZUb1B4RGVDY0FzNlJzSHkrUGNScVRKdXBuTzJYL2VqZ25BcVhBRm1vMFl3S3kvUXQyckVRcHVVbzYKUG9LNG9BSDFySzUzL1hNY1RzaDdkNk05Vk55anNNQlAzRGwrdThYRnVTNnA1aXVheGMvNW5ZaDFOVmEvTnZqQQp3RklHSjhZcUJKTUNnWUVBMzlXT0czMDNvUVQzZVdJUlVOOHcwWFNkTm1SN3FGc2VYSStmTjRJbXZ4YWlMM1JsCitVcHJQbmZoMU9IMjFXVVJNRFEvQTlKOGU0ay9qbUMwenVSeXJ6aHQ1c3dmRXU0d0F1a3VPYmpHSUxwVTBtTmsKN1k3N1BqS25nQjRRdTVQQnV4Zm9BVkM3akpLa3dvQ2dCSmxPNGdlOHdVV2hPS2U5NHJlc2NsdUI0a2tDZ1lFQQpyLzA5bXZEVVBIWmNqMTlnNTZzaHlTdis0dWJnWE4vTDc5MzVjR0hESUVmQmFSanRJZXBpVEE2MXhBd1pXK01DClh0c1pIYjFhV2xrbDhJMHN3ZlhualF0ZkdKS09qbXMvc2NjOWZ0a2NnaENIOFdKYTlJUUxRUU55UERwL21RZEQKSEQ5cHd1bWhRdyt6TDdhbldZK1RySGprVUlvaEc1dHNmY0ZJb0VqcnV2c0NnWUVBeUJZbWNRNWxPeEdwU1pCeApBWXNOS1pLcG9mT3J6YU9YMytKcGJ2ZjlkVTlJVXBCbmprZjNjeDA5RXZoM0lOSFFiMzFUbWIydlU0a2tHR3FQCnBaU0pCa3kveHAyUXV3RzdTMTc1TEkzanVLcURDRkNhWkMyNUNXaWc0THBpQkhFMk1EZ0kxVFl0VGYwV0hJaU4KRnVrZStZT0RYVkNXOGJHL1ZWSnJUM0FIUE1BPQotLS0tLUVORCBQUklWQVRFIEtFWS0tLS0tCg== cert.pem: | LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURxakNDQXBLZ0F3SUJBZ0lKQU1kNC9nd09YYnp6TUEwR0NTcUdTSWIzRFFFQkN3VUFNRjR4Q3pBSkJnTlYKQkFZVEFrbE9NUkV3RHdZRFZRUUtEQWhDY205aFpHTnZiVEVQTUEwR0ExVUVDd3dHUTBFZ1FWQk5NU3N3S1FZRApWUVFERENKaGNHMHRjSEp2WW1VdFlYVjBiMkYwZEdGamFDMXpkbU11WTJGaGNHMHVjM1pqTUI0WERUSXhNRE16Ck1UQTNNak14TjFvWERUSTBNREV4T1RBM01qTXhOMW93WGpFTE1Ba0dBMVVFQmhNQ1NVNHhFVEFQQmdOVkJBb00KQ0VKeWIyRmtZMjl0TVE4d0RRWURWUVFMREFaRFFTQkJVRTB4S3pBcEJnTlZCQU1NSW1Gd2JTMXdjbTlpWlMxaApkWFJ2WVhSMFlXTm9MWE4yWXk1allXRndiUzV6ZG1Nd2dnRWlNQTBHQ1NxR1NJYjNEUUVCQVFVQUE0SUJEd0F3CmdnRUtBb0lCQVFEZkVlc29OSmg5OEM3SlhRanB3VWp5UlhXQ2pPWjNFK2RkRTdNMVMxVnJuNGljNUFSZnhRODUKUStYOUE5SGlya3NjMHRLdUFqQm5maS9hd2JpTGx1NE9yMGlvOEhSYmk2b3Q5SEFJYjR3RGVTaXBwMzgrcVRHTwoyVk1ZMVE2K1Uwaktyc0FrTWtucHBRcmpFREVKNTg0TXFJTE1WOEw0REVLOVJiMzVCcUY5TzUvTHF3YVpWcHJmCmI2bzhBTDNQVUl6VFZzZjZnYklSNkd3YWhRN0hIcnBtcEZxTWFjOTFrSDNROXpBNWtaVWtnVC8xeDNwUGJwVEEKNzhzejgwNGZIazFLdjlPa1duRDRMZWsrUXl0dTR2enJ5Nnh6T05tOCt6Y0lDVEJ1VUd6ZVNlZXBBeGM1YzZtUApmNnZWTkthMmpLNW93bHZkWkRIVHE0YTdQdTZpT0NCUEFnTUJBQUdqYXpCcE1HY0dBMVVkRVFSZ01GNkNHR0Z3CmJTMXdjbTlpWlMxaGRYUnZZWFIwWVdOb0xYTjJZNEllWVhCdExYQnliMkpsTFdGMWRHOWhkSFJoWTJndGMzWmoKTG1OaFlYQnRnaUpoY0cwdGNISnZZbVV0WVhWMGIyRjBkR0ZqYUMxemRtTXVZMkZoY0cwdWMzWmpNQTBHQ1NxRwpTSWIzRFFFQkN3VUFBNElCQVFBRkVvRHYvbnVTZnpQTE1mczNDZEZ4YytDUFZzelRHSk85WGZzZ1ptb2tGWVdSCjhoRTZWVC9raHNpb2hra2ZNOVNodTNlb3UyWkZzZk12N3hEbmZZYWFudEdTenA2VG0rTzc2ZzlWY1I4YXNZU3QKME9pdThxc1draWJaNmtYVmUyWWhqUk9jakZqalJZeVpFWGN0UFJsTkZudkxaNlUrRFIyd2lXMUFYcEQ1elpiMQpuTUdiRVRYQ1RBMlhjWkxWSzZ2OEhnVTlhMjQzUzJSUFRWdUJEdzRreUpmcW1nUkw5U2RTMFhBWlBQcHJDZEtKCnFOZXhKNFZETENMZGRubXJ4OVZNaVFWU3pnZFoxL3ZDREd1NE9Zdjk2UzNzZG9qMjJDcVJjVFMyN3J2MER2TUIKSzVQb0lNMzJkdHlYZTE3Q296c3A2ekh2QUNUcThOR01iakpKeDF6aQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg== --- # Source: uma/templates/configmap_general.yaml # Common config map needed for All extensions apiVersion: v1 kind: ConfigMap metadata: name: caaiops-config-common namespace: caapm data: cluster_name: "SandBox" agentManager_url_1: "localhost:5001" agentManager_credential: "credential" agentManager_tenantId: "tenantid" monitored_namespace_list: "" agentManager_version: "" agentManager_httpProxy_host: "" agentManager_httpProxy_port: "" agentManager_httpProxy_username: "" agentManager_httpProxy_password: "" agentManager_httpCollector_host: "" agentManager_httpCollector_port: "" cluster_events_monitoring_enabled: "false" cluster_events_fieldSelector: "type!=Normal" cluster_events_namespaceFilter: "" cluster_events_docId: "itoa_events_apm" cluster_events_docVersion: "1" cluster_events_product: "ao" cluster_events_perDayClamp: "15000" node_noscheduleTaint_skipMetricAggregation_enabled: "true" node_noscheduleTaint_allowed_tolerations: "" prometheus_server_url: "http://:" prometheus_server_username: "" prometheus_server_password: "" prometheus_server_token: "" agentNaming_deployment_apmia_process: "ClusterDeployment" agentNaming_deployment_apmia_agent: "Infrastructure Agent" agentNaming_deployment_prometheus_process: "ClusterPerformanceMonitor" agentNaming_deployment_prometheus_agent: "Prometheus Agent" agentNaming_daemonset_apmia_host: "" agentNaming_daemonset_apmia_agent: "Kubernetes Agent" clusterPerformance_dataReporter_vertex_ttl: "720" clusterPerformance_dataReporter_vertex_refreshInterval: "360" opentracing_grpc_hostport: "" zipkinTracing_zipkinServer_hostport: "" cloudmonitoring_aws_accesskey: "" cloudmonitoring_aws_secretkey: "" agentNaming_deployment_aws_host: "" agentNaming_deployment_aws_process: "" agentNaming_deployment_aws_agent: "" agentNaming_deployment_httpCollector_host: "" agentNaming_deployment_httpCollector_process: "" --- # Source: uma/templates/configmap_probeautoattach.yaml # Probe AutoAttach secrets and config map apiVersion: v1 kind: ConfigMap metadata: name: caaiops-probe-autoattach-configmap namespace: caapm data: probe-supported-types: nodejs nodejs-sidecarconfig.yaml: | containers: - name: nodejs-probe-autoattach image: caapm/universalmonitoragent:2022.8.0.44 imagePullPolicy: IfNotPresent command: ["sh", "-c", "/nodeprobe/probe-init-script.sh"] volumeMounts: - name: probe-shared-files mountPath: /nodejs-probe - name: application-container env: - name: COLLECTOR_AGENT_HOST valueFrom: fieldRef: fieldPath: spec.nodeName - name: COLLECTOR_AGENT_PORT value: "5005" - name: CA_APM_PROBENAME valueFrom: fieldRef: fieldPath: metadata.name - name: CA_APM_APPNAME valueFrom: fieldRef: fieldPath: metadata.name - name: LOG_ENABLE_CONSOLE_MODE value: "enabled" command: ["sh", "-c", "sh /nodejs-probe/nodeprobe/probe-script.sh"] volumeMounts: - name: probe-shared-files mountPath: /nodejs-probe volumes: - name: probe-shared-files emptyDir: {} --- # Source: uma/templates/configmap_prometheus.yaml apiVersion: v1 kind: ConfigMap metadata: name: caaiops-config-prometheus namespace: caapm data: kubernetes_remote_monitoring_bundles_load: KubernetesRemoteMonitor default.properties: | prometheus.metric.sets: set1 prometheus.metric.set1.metric_list: prometheus.metric.set1.apm_metric_path: prometheus.metric.set1.apm_metric_type: LongFluctuating prometheus.metric.set1.aggregation_type: sum additional.label.sets: cadvisor.properties: | prometheus.metric.sets:set1,set2 prometheus.metric.set1.metric_list: container_cpu_usage_seconds_total,container_spec_cpu_quota,container_spec_cpu_period,container_cpu_usage_seconds_total,container_cpu_cfs_throttled_seconds_total,container_memory_working_set_bytes,container_memory_max_usage_bytes,container_memory_failcnt,container_fs_writes_bytes_total,container_fs_reads_bytes_total,container_network_receive_bytes_total,container_network_transmit_bytes_total,container_network_receive_packets_dropped_total,container_network_transmit_packets_dropped_total prometheus.metric.set1.apm_metric_path: Kubernetes|Namespaces|(aiops_namespace)|Pods|(aiops_pod)|Containers|(aiops_container), Kubernetes|Namespaces|(aiops_namespace)|Pods|(aiops_pod) prometheus.metric.set1.apm_metric_type: LongFluctuating prometheus.metric.set1.aggregation_type: sum prometheus.metric.set2.metric_list: container_spec_memory_limit_bytes prometheus.metric.set2.apm_metric_path: Kubernetes|Namespaces|(aiops_namespace)|Pods|(aiops_pod)|Containers|(aiops_container):container_memory_max_usage_bytes, Kubernetes|Namespaces|(aiops_namespace)|Pods|(aiops_pod):container_memory_max_usage_bytes prometheus.metric.set2.apm_metric_type: LongFluctuating prometheus.metric.set2.aggregation_type: sum additional.label.sets: set1, set2, set3, set4, set5, set6 additional.label.set1.source_label: namespace additional.label.set1.target_label: aiops_namespace additional.label.set2.source_label: pod_name additional.label.set2.target_label: aiops_pod additional.label.set3.source_label: container_name additional.label.set3.target_label: aiops_container additional.label.set4.source_label: container_label_io_kubernetes_pod_namespace additional.label.set4.target_label: aiops_namespace additional.label.set5.source_label: container_label_io_kubernetes_pod_name additional.label.set5.target_label: aiops_pod additional.label.set6.source_label: container_label_io_kubernetes_container_name additional.label.set6.target_label: aiops_container node-exporter.properties: | prometheus.metric.sets: cpu,cpuload,memavailable,memtotal,diskreadwrite,filesystemfree,filesystemsize,network prometheus.metric.cpu.metric_list: node_cpu_seconds_total prometheus.metric.cpu.apm_metric_path: Prometheus|(node_name)|CPU:total_(aiops_mode)_node_cpu_seconds_total,Prometheus|(node_name)|CPU|Core(aiops_cpu):(aiops_mode)_node_cpu_seconds_total prometheus.metric.cpu.apm_metric_type:LongFluctuating prometheus.metric.cpu.aggregation_type:sum prometheus.metric.cpuload.metric_list:node_load1 prometheus.metric.cpuload.apm_metric_path:Prometheus|(node_name)|CPU prometheus.metric.memavailable.metric_list:node_memory_MemAvailable_bytes, node_memory_MemAvailable prometheus.metric.memavailable.apm_metric_path:Prometheus|(node_name)|Memory:node_memory_MemAvailable_bytes prometheus.metric.memtotal.metric_list:node_memory_MemTotal_bytes,node_memory_MemTotal prometheus.metric.memtotal.apm_metric_path:Prometheus|(node_name)|Memory:node_memory_MemTotal_bytes prometheus.metric.diskreadwrite.metric_list:node_disk_written_bytes_total,node_disk_read_bytes_total prometheus.metric.diskreadwrite.apm_metric_path:Prometheus|(node_name)|Storage prometheus.metric.filesystemfree.metric_list:node_filesystem_free_bytes prometheus.metric.filesystemfree.apm_metric_path:Prometheus|(node_name)|Storage:(aiops_device)_node_filesystem_free_bytes, Prometheus|(node_name)|Storage|(aiops_device)|(mountpoint) prometheus.metric.filesystemsize.metric_list:node_filesystem_size_bytes prometheus.metric.filesystemsize.apm_metric_path:Prometheus|(node_name)|Storage:(aiops_device)_node_filesystem_size_bytes, Prometheus|(node_name)|Storage|(aiops_device)|(mountpoint) prometheus.metric.network.metric_list:node_network_receive_bytes_total, node_network_transmit_bytes_total, node_network_receive_drop_total, node_network_transmit_drop_total, node_network_transmit_errs_total, node_network_receive_errs_total prometheus.metric.network.apm_metric_path:Prometheus|(node_name)|Network, Prometheus|(node_name)|Network|(aiops_device) additional.label.sets:set1, set2, set3, set4 additional.label.set1.source_label:device additional.label.set1.target_label:aiops_device additional.label.set2.source_label:cpu additional.label.set2.target_label:aiops_cpu additional.label.set3.source_label:mode additional.label.set3.target_label:aiops_mode kube-state-metric.properties: | prometheus.metric.sets=node_status,pod_status,unschedulable_node,container_status, container_waiting_reason,node_allocatable_capacity, daemonset1,daemonset2, deployments1, deployments2 prometheus.metric.node_status.metric_list=kube_node_status_condition prometheus.metric.node_status.apm_metric_path=Kubernetes|Nodes:kube_node_status_condition_(condition)_(status), Kubernetes|Nodes|(node):kube_node_status_condition_(condition)_(status) prometheus.metric.pod_status.metric_list=kube_pod_status_phase prometheus.metric.pod_status.apm_metric_path=Kubernetes|Namespaces:kube_pod_status_phase_(phase), Kubernetes|Namespaces|(namespace):kube_pod_status_phase_(phase) prometheus.metric.unschedulable_node.metric_list=kube_node_spec_unschedulable prometheus.metric.unschedulable_node.apm_metric_path=Kubernetes|Nodes, Kubernetes|Nodes|(node) prometheus.metric.container_status.metric_list=kube_pod_container_status_running, kube_pod_container_status_terminated, kube_pod_container_status_waiting prometheus.metric.container_status.apm_metric_path=Kubernetes|Namespaces, Kubernetes|Namespaces|(namespace) prometheus.metric.container_waiting_reason.metric_list=kube_pod_container_status_waiting_reason prometheus.metric.container_waiting_reason.apm_metric_path=Kubernetes|Namespaces|(namespace)|kube_pod_container_status_waiting_reason:(reason) prometheus.metric.node_allocatable_capacity.metric_list=kube_node_status_allocatable_cpu_cores, kube_node_status_capacity_cpu_cores, kube_node_status_allocatable_memory_bytes , kube_node_status_capacity_memory_bytes, kube_node_status_allocatable_pods, kube_node_status_capacity_pods prometheus.metric.node_allocatable_capacity.apm_metric_path=Kubernetes|Nodes, Kubernetes|Nodes|(node) prometheus.metric.daemonset1.metric_list=kube_daemonset_status_number_unavailable, kube_daemonset_status_desired_number_scheduled, kube_daemonset_status_number_available, kube_daemonset_updated_number_scheduled prometheus.metric.daemonset1.apm_metric_path=Kubernetes|Namespaces|(namespace), Kubernetes|Namespaces|(namespace)|kube_daemonset|(daemonset) prometheus.metric.daemonset2.metric_list=kube_daemonset_status_number_misscheduled, kube_daemonset_status_current_number_scheduled, kube_daemonset_status_number_ready prometheus.metric.daemonset2.apm_metric_path=Kubernetes|Namespaces, Kubernetes|Namespaces|(namespace), Kubernetes|Namespaces|(namespace)|kube_daemonset|(daemonset) prometheus.metric.deployments1.metric_list=kube_deployment_status_replicas, kube_deployment_status_replicas_available, kube_deployment_status_replicas_unavailable prometheus.metric.deployments1.apm_metric_path=Kubernetes|Namespaces, Kubernetes|Namespaces|(namespace), Kubernetes|Namespaces|(namespace)|kube_deployment|(deployment) prometheus.metric.deployments2.metric_list=kube_deployment_status_replicas_updated, kube_deployment_status_observed_generation, kube_deployment_spec_replicas, kube_deployment_spec_paused prometheus.metric.deployments2.apm_metric_path=Kubernetes|Namespaces|(namespace), Kubernetes|Namespaces|(namespace)|kube_deployment|(deployment) haproxy.properties: | prometheus.metric.sets:frontend, backend, server prometheus.metric.backend.metric_list:haproxy_backend_connections_total, haproxy_backend_current_queue, haproxy_backend_up prometheus.metric.backend.apm_metric_path:Kubernetes|HAProxyRouter|Backends|(backend) prometheus.metric.frontend.metric_list:haproxy_frontend_bytes_in_total,haproxy_frontend_max_sessions prometheus.metric.frontend.apm_metric_path:Kubernetes|HAProxyRouter|Frontends|(frontend) prometheus.metric.server.metric_list:haproxy_server_bytes_out_total, haproxy_server_check_failures_total, haproxy_server_connection_errors_total, haproxy_server_connections_total, haproxy_server_current_queue, haproxy_server_current_session_rate, haproxy_server_current_sessions, haproxy_server_downtime_seconds_total, haproxy_server_http_average_response_latency_milliseconds, haproxy_server_http_responses_total, haproxy_server_max_session_rate, haproxy_server_up, haproxy_server_response_errors_total prometheus.metric.server.apm_metric_path:Kubernetes|HAProxyRouter|Projects|(namespace)|Services|(service)|Pods|(pod) coredns.properties: | prometheus.metric.sets=build,cache,counter,request,response,forward,panic prometheus.metric.build.metric_list=coredns_build_info prometheus.metric.build.apm_metric_path=Kubernetes|Coredns|Build_info|(goversion)|Revision|(revision)|Version|(version) prometheus.metric.cache.metric_list=coredns_cache_misses_total prometheus.metric.cache.apm_metric_path=Kubernetes|Coredns|Cache|Server|(server) prometheus.metric.counter.metric_list=coredns_dns_request_count_total prometheus.metric.counter.apm_metric_path=Kubernetes|Coredns|Request|Family|(proto)|Server|(server)|zone-(zone) prometheus.metric.request.metric_list=coredns_dns_request_type_count_total prometheus.metric.request.apm_metric_path=Kubernetes|Coredns|Request|Server|(server)|Query_type|(type)|Zone-(zone) prometheus.metric.response.metric_list=coredns_dns_response_rcode_count_total prometheus.metric.response.apm_metric_path=Kubernetes|Coredns|Response|(rcode)|Server|(server)|Zone-(zone) prometheus.metric.forward.metric_list=coredns_forward_healthcheck_failure_count_total,coredns_forward_sockets_open prometheus.metric.forward.apm_metric_path=Kubernetes|Coredns|Forward|Destination_IP|(to) prometheus.metric.panic.metric_list=coredns_panic_count_total prometheus.metric.panic.apm_metric_path=Kubernetes|Coredns additional.label.sets=set1 additional.label.set1.source_label=family additional.label.set1.target_label=Family etcd.properties: | prometheus.metric.sets=server,disk,network,debugging,grpc,snapdb,process,mvcc,go prometheus.metric.server.metric_list=etcd_server_go_version, etcd_server_has_leader, etcd_server_health_failures, etcd_server_health_success, etcd_server_heartbeat_send_failures_total, etcd_server_id, etcd_server_is_leader,etcd_server_leader_changes_seen_total, etcd_server_proposals_applied_total, etcd_server_proposals_committed_total, etcd_server_proposals_failed_total, etcd_server_proposals_pending, etcd_server_quota_backend_bytes,etcd_server_read_indexes_failed_total, etcd_server_slow_apply_total, etcd_server_slow_read_indexes_total, etcd_server_snapshot_apply_in_progress_total, etcd_server_version prometheus.metric.server.apm_metric_path=Kubernetes|etcd|server prometheus.metric.disk.metric_list=etcd_disk_backend_commit_duration_seconds, etcd_disk_backend_defrag_duration_seconds, etcd_disk_backend_snapshot_duration_seconds, etcd_disk_wal_fsync_duration_seconds prometheus.metric.disk.apm_metric_path=Kubernetes|etcd|disk prometheus.metric.network.metric_list=etcd_network_client_grpc_received_bytes_total, etcd_network_client_grpc_sent_bytes_total, etcd_network_peer_received_bytes_total, etcd_network_peer_received_failures_total, etcd_network_peer_round_trip_time_seconds etcd_network_peer_sent_bytes_total, etcd_network_peer_sent_failures_total prometheus.metric.network.apm_metric_path=Kubernetes|etcd|network prometheus.metric.debugging.metric_list=etcd_debugging_mvcc_compact_revision, etcd_debugging_mvcc_current_revision, etcd_debugging_mvcc_db_compaction_keys_total, etcd_debugging_mvcc_db_compaction_pause_duration_milliseconds, etcd_debugging_mvcc_db_compaction_total_duration_milliseconds, etcd_debugging_mvcc_db_total_size_in_bytes, etcd_debugging_mvcc_delete_total, etcd_debugging_mvcc_events_total, etcd_debugging_mvcc_index_compaction_pause_duration_milliseconds, etcd_debugging_mvcc_keys_total, etcd_debugging_mvcc_pending_events_total, etcd_debugging_mvcc_put_total, etcd_debugging_mvcc_range_total, etcd_debugging_mvcc_slow_watcher_total, etcd_debugging_mvcc_total_put_size_in_bytes, etcd_debugging_mvcc_txn_total, etcd_debugging_mvcc_watch_stream_total, etcd_debugging_mvcc_watcher_total, etcd_debugging_server_lease_expired_total, etcd_debugging_snap_save_marshalling_duration_seconds, etcd_debugging_snap_save_total_duration_seconds, etcd_debugging_store_expires_total, etcd_debugging_store_reads_total, etcd_debugging_store_watch_requests_total, etcd_debugging_store_watchers, etcd_debugging_store_writes_total prometheus.metric.debugging.apm_metric_path=Kubernetes|etcd|debugging prometheus.metric.grpc.metric_list=etcd_grpc_proxy_cache_hits_total, etcd_grpc_proxy_cache_keys_total, etcd_grpc_proxy_cache_misses_total, etcd_grpc_proxy_events_coalescing_total, etcd_grpc_proxy_watchers_coalescing_total prometheus.metric.grpc.apm_metric_path=Kubernetes|etcd|grpc prometheus.metric.snapdb.metric_list=etcd_snap_db_save_total_duration_seconds,etcd_snap_db_fsync_duration_seconds prometheus.metric.snapdb.apm_metric_path=Kubernetes|etcd|snapshot prometheus.metric.process.metric_list=process_open_fds, process_max_fds, process_cpu_seconds_total, process_resident_memory_bytes, process_start_time_seconds, process_virtual_memory_bytes prometheus.metric.process.apm_metric_path=Kubernetes|etcd|process prometheus.metric.mvcc.metric_list=etcd_mvcc_db_total_size_in_bytes, etcd_mvcc_db_total_size_in_use_in_bytes, etcd_mvcc_hash_duration_seconds, etcd_mvcc_hash_rev_duration_seconds prometheus.metric.mvcc.apm_metric_path=Kubernetes|etcd|mvcc apiserver.properties: | prometheus.metric.sets=apiserver,watchers,root,apiservices,etcd,threads,memory,process,clients,workqueue,etcdobj,lable4,lable5 prometheus.metric.apiserver.metric_list=apiserver_response_sizes,apiserver_response_sizes_sum,apiserver_response_sizes_count,apiserver_request_count,apiserver_longrunning_gauge,apiserver_request_duration_seconds,apiserver_request_duration_seconds_sum,apiserver_request_duration_seconds_count,apiserver_request_latencies,apiserver_request_latencies_sum,apiserver_request_latencies_count,apiserver_request_total prometheus.metric.apiserver.apm_metric_path=Kubernetes|apiserver|(scope)|(resource)|(verb) prometheus.metric.apiserver.apm_metric_type=LongFluctuating prometheus.metric.apiserver.aggregation_type=sum prometheus.metric.watchers.metric_list=apiserver_registered_watchers,apiserver_watch_events_sizes,apiserver_watch_events_sizes_sum,apiserver_watch_events_sizes_count,apiserver_watch_events_total,apiserver_registered_watchers,apiserver_watch_events_total prometheus.metric.watchers.apm_metric_path=Kubernetes|apiserver|kinds|(kind) prometheus.metric.watchers.apm_metric_type=LongFluctuating prometheus.metric.watchers.aggregation_type=sum prometheus.metric.root.metric_list=APIServiceOpenAPIAggregationControllerQueue1_adds,APIServiceOpenAPIAggregationControllerQueue1_depth, APIServiceOpenAPIAggregationControllerQueue1_queue_latency, APIServiceOpenAPIAggregationControllerQueue1_retries,APIServiceOpenAPIAggregationControllerQueue1_work_duration,APIServiceRegistrationController_adds, APIServiceRegistrationController_depth, APIServiceRegistrationController_queue_latency,APIServiceRegistrationController_work_duration,AvailableConditionController_adds,AvailableConditionController_depth,AvailableConditionController_retries,AvailableConditionController_queue_latency,AvailableConditionController_work_duration,DiscoveryController_adds,DiscoveryController_work_duration,admission_quota_controller_work_duration,admission_quota_controller_queue_latency,apiserver_current_inflight_requests,apiserver_request_duration_seconds,apiserver_request_duration_seconds_sum,apiserver_request_duration_seconds_count prometheus.metric.root.apm_metric_path=Kubernetes|apiserver prometheus.metric.root.apm_metric_type=LongFluctuating prometheus.metric.root.aggregation_type=sum prometheus.metric.apiservices.metric_list=apiserver_storage_data_key_generation_failures_total,apiserver_storage_envelope_transformation_cache_misses_total,apiserver_watch_events_sizes,apiserver_watch_events_sizes_sum,apiserver_watch_events_sizes_count prometheus.metric.apiservices.apm_metric_path=Kubernetes|apiserver|apiservices prometheus.metric.apiservices.apm_metric_type=LongFluctuating prometheus.metric.apiservices.aggregation_type=sum prometheus.metric.etcd.metric_list=etcd_request_duration_seconds,etcd_request_duration_seconds_sum,etcd_request_duration_seconds_count prometheus.metric.etcd.apm_metric_path=Kubernetes|etcd prometheus.metric.etcd.apm_metric_type=LongFluctuating prometheus.metric.etcd.aggregation_type=sum prometheus.metric.threads.metric_list=go_goroutines,go_threads prometheus.metric.threads.apm_metric_path=Kubernetes|apiserver|threads prometheus.metric.memory.metric_list=go_gc_duration_seconds,go_gc_duration_seconds_sum,go_gc_duration_seconds_count,go_memstats_alloc_bytes,go_memstats_frees_total,go_memstats_heap_alloc_bytes,go_memstats_heap_idle_bytes,go_memstats_heap_inuse_bytes,go_memstats_heap_objects,go_memstats_alloc_bytes_total prometheus.metric.memory.apm_metric_path=Kubernetes|apiserver|memory prometheus.metric.process.metric_list=process_virtual_memory_bytes,process_resident_memory_bytes,process_max_fds,process_open_fds prometheus.metric.process.apm_metric_path=Kubernetes|apiserver|process prometheus.metric.clients.metric_list=grpc_client_handled_total,rest_client_request_duration_seconds,rest_client_request_duration_seconds_sum,rest_client_request_duration_seconds_count,rest_client_requests_total,rest_client_requests_total_sum,rest_client_requests_total_count prometheus.metric.clients.apm_metric_path=Kubernetes|apiserver|clients prometheus.metric.workqueue.metric_list=autoregister_adds,autoregister_depth,autoregister_queue_latency,autoregister_retries,autoregister_work_duration,controller_clusterquotamappingcontroller_clusterquotas_adds,controller_clusterquotamappingcontroller_clusterquotas_depth,controller_clusterquotamappingcontroller_clusterquotas_queue_latency,controller_clusterquotamappingcontroller_clusterquotas_retries,controller_clusterquotamappingcontroller_clusterquotas_work_duration,controller_clusterquotamappingcontroller_namespaces_adds,controller_clusterquotamappingcontroller_namespaces_depth,controller_clusterquotamappingcontroller_namespaces_queue_latency,controller_clusterquotamappingcontroller_namespaces_retries,controller_clusterquotamappingcontroller_namespaces_work_duration,crdEstablishing_adds,crdEstablishing_depth,crdEstablishing_queue_latency,crdEstablishing_retries,workqueue_queue_duration_seconds,workqueue_queue_duration_seconds_sum,workqueue_queue_duration_seconds_count,workqueue_work_duration_seconds,workqueue_work_duration_seconds_sum,workqueue_work_duration_seconds_count prometheus.metric.workqueue.apm_metric_path=Kubernetes|apiserver|workqueue prometheus.metric.workqueue.apm_metric_type=LongFluctuating prometheus.metric.workqueue.aggregation_type=sum prometheus.metric.lable4.metric_list=workqueue_adds_total,workqueue_depth,workqueue_longest_running_processor_seconds,workqueue_retries_total,workqueue_queue_duration_seconds_bucket,workqueue_unfinished_work_seconds prometheus.metric.lable4.apm_metric_path=Kubernetes|apiserver|workqueue|(name) prometheus.metric.etcdobj.metric_list=etcd_object_counts,apiserver_storage_object_counts prometheus.metric.etcdobj.apm_metric_path=Kubernetes|etcd|(resource) prometheus.metric.etcdobj.apm_metric_type=LongFluctuating prometheus.metric.etcdobj.aggregation_type=sum prometheus.metric.lable5.metric_list=grpc_client_handled_total,grpc_client_msg_sent_total,grpc_client_msg_received_total,grpc_client_started_total prometheus.metric.lable5.apm_metric_path=Kubernetes|apiserver|clients|grpc|method|(grpc_method)|service|grpc_service|type|(grpc_type) --- # Source: uma/templates/role.yaml apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: broadcom-uma-clusterrole rules: - nonResourceURLs: - /metrics verbs: - get - apiGroups: - "" resources: - nodes - nodes/stats - nodes/metrics - nodes/proxy - services - pods - events - pods/exec - resourcequotas - replicationcontrollers - limitranges - namespaces - persistentvolumes - persistentvolumeclaims - endpoints - ingresses verbs: - get - create - update - list - watch - patch - apiGroups: - apps - admissionregistration.k8s.io resources: - deployments - statefulsets - replicasets - daemonsets - cronjobs - jobs - mutatingwebhookconfigurations verbs: - get - list - watch - create - update - patch - apiGroups: - extensions - batch resources: - deployments - statefulsets - replicasets - daemonsets - cronjobs - jobs - ingresses - namespaces verbs: - get - list - watch - create - patch - delete - update - apiGroups: - "" resources: - configmaps - secrets verbs: - '*' - apiGroups: - extensions - "networking.k8s.io" # k8s 1.14+ resources: - ingresses verbs: - get - list - watch - create - patch - delete - apiGroups: - ca.broadcom.com resources: - '*' verbs: - '*' - apiGroups: - security.openshift.io resources: - securitycontextconstraints resourceNames: - anyuid - privileged verbs: - use - apiGroups: - extensions resources: - podsecuritypolicies resourceNames: - ibm-privileged-psp verbs: - use - apiGroups: - apps.openshift.io resources: - deploymentconfigs verbs: - get - list - watch - create - update - patch --- # Source: uma/templates/role_binding.yaml # ClusterRoleBinding for binding with Service Account apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: broadcom-uma-clusterrolebinding roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: broadcom-uma-clusterrole subjects: - kind: ServiceAccount name: uma namespace: caapm --- # Source: uma/templates/deployment_apmia.yaml apiVersion: v1 kind: Service metadata: name: opentracing namespace: caapm spec: selector: app: apmia-deployment ports: - port: 8888 protocol: TCP targetPort: 8888 type: ClusterIP --- # Source: uma/templates/deployment_httpcollector.yaml apiVersion: v1 kind: Service metadata: name: apmia-http-collector-web namespace: caapm labels: app: apmia-http-collector spec: clusterIP: None selector: app: apmia-http-collector ports: - name: hc-port-1 port: 8085 protocol: TCP targetPort: 8085 --- # Source: uma/templates/deployment_probeautoattach.yaml apiVersion: v1 kind: Service metadata: name: apm-probe-autoattach-svc namespace: caapm labels: app: apm-probe-autoattach spec: ports: - port: 443 targetPort: 8443 type: ClusterIP selector: app: apm-probe-autoattach --- # Source: uma/templates/service_clusterdiscovery.yaml # Service for Cluster Discovery apiVersion: v1 kind: Service metadata: name: clusterinfo namespace: caapm spec: selector: module: clusterinfo ports: - port: 8080 type: ClusterIP --- # Source: uma/templates/daemonset_apmia.yaml # DaemonSet Configuration # Agent from Container1 will be reported to |Infrastructure|Agent # Agent from Container2 will be reported to |Application|JMX Agent apiVersion: apps/v1 kind: DaemonSet metadata: name: app-container-monitor namespace: caapm labels: tier: monitoring app: cagent spec: # oc adm policy add-scc-to-user privileged -z default selector: matchLabels: app: caagent template: metadata: labels: app: caagent annotations: ca.broadcom.application.name: container-monitoring spec: hostPID: true hostIPC: true hostNetwork: true tolerations: - key: node-role.kubernetes.io/master effect: NoSchedule - key: node-role.kubernetes.io/storage effect: NoSchedule - key: node-role.kubernetes.io/infra effect: NoSchedule - effect: NoSchedule operator: Exists - effect: NoExecute operator: Exists serviceAccountName: uma initContainers: - name: init-clusterinfo image: caapm/universalmonitoragent:2022.8.0.44 command: ['bash', '-c', 'until [ $(curl --connect-timeout 5 --max-time 10 --write-out %{http_code} --silent --output /dev/null ${CLUSTERINFO_SERVICE_HOST}:${CLUSTERINFO_SERVICE_PORT}/up) -eq 200 ]; do sleep 2; done'] resources: limits: cpu: 20m memory: 20Mi requests: cpu: 10m memory: 10Mi containers: - name: containerinfo image: caapm/universalmonitoragent:2022.8.0.44 imagePullPolicy: Always command: ["/start.sh"] securityContext: privileged: true runAsUser: 0 env: - name: CAAPM_CONTAINERINFO_PORT value: "7777" - name: CAAPM_CONTAINERINFO_LOG_LEVEL value: "INFO" - name: CAAPM_CONTAINERINFO_STATS_INTERVAL value: "60" livenessProbe: httpGet: path: /runtime/info port: 7777 initialDelaySeconds: 60 periodSeconds: 60 resources: limits: cpu: 500m memory: 500Mi requests: cpu: 100m memory: 200Mi volumeMounts: - name: dockersock mountPath: /var/run/docker.sock readOnly: true - name: containerdsock mountPath: /run/containerd/containerd.sock readOnly: true - name: containerdekssock mountPath: /run/dockershim.sock readOnly: true - name: criosock mountPath: /var/run/crio/crio.sock readOnly: true - name: sys mountPath: /host/sys readOnly: true - name: proc mountPath: /host/proc readOnly: true - name: dockeroverlay mountPath: /host/var/lib/docker/overlay readOnly: true - name: dockeroverlay2 mountPath: /host/var/lib/docker/overlay2 readOnly: true - name: criooverlay mountPath: /host/var/lib/containers/storage/overlay readOnly: true - name: criooverlaycontainers mountPath: /host/var/lib/containers/storage/overlay-containers readOnly: true - name: criooverlayimages mountPath: /host/var/lib/containers/storage/overlay-images readOnly: true - env: - name: containerflow value: disabled - name: agentManager_url_1 valueFrom: configMapKeyRef: key: agentManager_url_1 name: caaiops-config-common - name: agentManager_credential valueFrom: configMapKeyRef: key: agentManager_credential name: caaiops-config-common - name: apmenv_introscope_agent_connection_compatibility_version valueFrom: configMapKeyRef: key: agentManager_version name: caaiops-config-common - name: type value: Kubernetes - name: interval value: "60" - name: DOCKER_STATS_CGROUP_MODE value: enabled - name: apmenv_introscope_epagent_config_httpServerPort value: "8889" - name: apmenv_introscope_agent_remotejmx_config_modules value: "jvm,memory" - name: apmenv_introscope_agent_extensions_bundles_load value: NodeExtension ,PythonExtension,CppExtension,autoattach,OpenshiftMonitor,HostMonitor,KubernetesRemoteMonitor, ########################## # Auto Attach properties: ########################## # Free memory threshold required for attaching to containers (%) #- name: apmenv_autoattach_free_memory_threshold # value: "50.00" # Interval for attaching to memory unbounded containers (sec). One unbounded container will be attached to per interval. #- name: apmenv_autoattach_unbounded_container_attach_interval # value: "300" # Operation Mode for Auto Attach (whitelist/blacklist). # whitelist: will only attach to processes marked with env variable CA_APM_MONITORING_ENABLED=true # blacklist: will attach to all processes except those marked with env variable CA_APM_MONITORING_ENABLED=false - name: apmenv_autoattach_filter_type value: "whitelist" - name: apmenv_autoattach_customJdkTools_enabled value: "false" - name: apmenv_autoattach_dynamicPropertyResolution_enabled value: "true" - name: apmenv_autoattach_dynamicPropertyResolution_properties_list value: "introscope.agent.hostName,com.wily.introscope.agent.agentName" - name: apmenv_autoattach_introscope_agent_hostName value: "{k8s_deployment_name},{k8s_daemonset_name},{k8s_deploymentconfig_name},{k8s_pod_name},ContainerHost" - name: apmenv_autoattach_com_wily_introscope_agent_agentName value: "" - name: apmenv_autoattach_java_enabled_applications value: " " # Properties for aggressively monitoring every JVM - name: apmenv_autoattach_java_proactiveMode_enabled value: "true" #- name: apmenv_autoattach_java_proactiveMode_agent_load_delay # value: "300" - name: apmenv_autoattach_java_proactiveMode_agent_extra_properties value: "introscope.agent.remotejmx.system.s1.config.modules=jvm," - name: apmenv_autoattach_net_enabled_applications value: " " # Properties for aggressively monitoring every.NET Runtime - name: apmenv_autoattach_net_proactiveMode_enabled value: "true" #- name: apmenv_autoattach_net_proactiveMode_agent_load_delay # value: "30" # Properties for monitoring Nodejs Runtime - name: apmenv_autoattach_nodejs_enabled value: "true" # Properties for trace logging #- name: apmenv_log4j_logger_IntroscopeAgent # value: "TRACE#com.wily.util.feedback.Log4JSeverityLevel, logfile" #- name: apmenv_log4j_logger_IntroscopeAgent_AutoAttach # value: "TRACE#com.wily.util.feedback.Log4JSeverityLevel, logfile" #- name: apmenv_log4j_additivity_IntroscopeAgent_AutoAttach # value: "false" #- name: apmenv_log4j_appender_logfile_MaxFileSize # value: "200MB" #- name: apmenv_log4j_appender_logfile_MaxBackupIndex # value: "10" - name: apmenv_com_ca_apm_kubernetes_remote_monitor_type value: jmx,prometheus - name: apmenv_com_ca_apm_kubernetes_autodiscovery_local value: "true" - name: nodename valueFrom: fieldRef: fieldPath: spec.nodeName - name: apmenv_com_ca_apm_kubernetes_clusterName valueFrom: configMapKeyRef: key: cluster_name name: caaiops-config-common - name: apmenv_introscope_agent_hostmonitor_profiles_localhost_linux_groups value: memory,cpu,network,diskio,hostresources,application,protocol,systemmanagement,performance,process,ipc,distributedsystem,topprocess,operatingsystem,storage,systemload,port - name: apmenv_com_ca_apm_kubernetes_prometheus_datafile value: node-exporter, cadvisor - name: apmenv_introscope_agent_hostName valueFrom: configMapKeyRef: key: cluster_name name: caaiops-config-common - name: apmenv_introscope_agent_customProcessName valueFrom: fieldRef: fieldPath: spec.nodeName - name: apmenv_introscope_agent_agentName valueFrom: configMapKeyRef: key: agentNaming_daemonset_apmia_agent name: caaiops-config-common - name: MIN_HEAP_VAL_IN_MB value: "64" - name: REDUCE_METRIC_EXPLOSION value: "false" - name: apmenv_com_ca_apm_kubernetes_monitor_legacy value: "false" name: podmonitor image: caapm/universalmonitoragent:2022.8.0.44 resources: limits: cpu: 1000m memory: 1G requests: cpu: 200m memory: 300Mi livenessProbe: httpGet: path: /healthz port: 8889 initialDelaySeconds: 120 failureThreshold: 2 periodSeconds: 180 imagePullPolicy: Always # resources: # limits: # cpu: 500m # memory: 700Mi # requests: # cpu: 200m # memory: 300Mi securityContext: privileged: true volumeMounts: - name: dockersock mountPath: /var/run/docker.sock readOnly: true - name: dev mountPath: /host/dev readOnly: true - name: run mountPath: /host/run readOnly: true - name: sys mountPath: /host/sys readOnly: true - name: boot mountPath: /host/boot readOnly: true - name: home mountPath: /host/home readOnly: true - name: proc mountPath: /host/proc readOnly: true - name: rootfs mountPath: /host readOnly: true - name: config-volume mountPath: /usr/local/openshift/apmia/extensions/KubernetesRemoteMonitor/config/prometheus - name: apm-probe-autoattach-clientcerts mountPath: /etc/probeautoattach/certs readOnly: true volumes: - name: dockersock hostPath: path: /var/run/docker.sock - name: containerdsock hostPath: path: /run/containerd/containerd.sock - name: containerdekssock hostPath: path: /run/dockershim.sock - name: criosock hostPath: path: /var/run/crio/crio.sock - name: dev hostPath: path: /dev - name: run hostPath: path: /run - name: sys hostPath: path: /sys - name: boot hostPath: path: /boot - name: home hostPath: path: /home - name: rootfs hostPath: path: / - name: proc hostPath: path: /proc - name: dockeroverlay hostPath: path: /var/lib/docker/overlay - name: dockeroverlay2 hostPath: path: /var/lib/docker/overlay2 - name: criooverlay hostPath: path: /var/lib/containers/storage/overlay - name: criooverlaycontainers hostPath: path: /var/lib/containers/storage/overlay-containers - name: criooverlayimages hostPath: path: /var/lib/containers/storage/overlay-images - name: config-volume configMap: name: caaiops-config-prometheus - name: apm-probe-autoattach-clientcerts secret: secretName: caaiops-probe-autoattach-certs --- # Source: uma/templates/deployment_apmia.yaml # ( and .Values.monitor.container.prometheus.backend.endPoint.url .Values.agentManager.url ) # APMIA based Deployment. # Agent from Container1 will be reported to |ClusterMonitoring|Infrastructure Agent apiVersion: apps/v1 kind: Deployment metadata: name: container-monitor namespace: caapm labels: app: apmia-deployment spec: replicas: 1 template: metadata: name: apmia-deployment labels: app: apmia-deployment deployment.name: container-monitor spec: serviceAccountName: uma initContainers: - name: init-clusterinfo image: caapm/universalmonitoragent:2022.8.0.44 command: ['bash', '-c', 'until [ $(curl --connect-timeout 5 --max-time 10 --write-out %{http_code} --silent --output /dev/null ${CLUSTERINFO_SERVICE_HOST}:${CLUSTERINFO_SERVICE_PORT}/up) -eq 200 ]; do sleep 2; done'] resources: limits: cpu: 20m memory: 20Mi requests: cpu: 10m memory: 10Mi containers: - env: - name: agentManager_url_1 valueFrom: configMapKeyRef: key: agentManager_url_1 name: caaiops-config-common - name: agentManager_credential valueFrom: configMapKeyRef: key: agentManager_credential name: caaiops-config-common - name: apmenv_introscope_agent_connection_compatibility_version valueFrom: configMapKeyRef: key: agentManager_version name: caaiops-config-common - name: interval value: "300" - name: KUEBRNETES_CLUSTER_MONITORING value: "true" - name: apmenv_introscope_epagent_config_httpServerPort value: "8888" - name: REDUCE_METRIC_EXPLOSION value: "false" - name: type value: "Kubernetes" - name: HostMonitoring value: disabled - name: apmenv_com_ca_apm_clusterdatareporter_additional_attributes_cluster value: k8s_cluster_name=(k8s_cluster_clustername), k8s_project=(k8s_cluster_projects) - name: apmenv_com_ca_apm_clusterdatareporter_additional_attributes_node value: k8s_project=(k8s_node_namespaces),k8s_cluster_name=(k8s_node_clustername), k8s_pod_nodename=(name), k8s_node_agentpath=(agent) - name: apmenv_com_ca_apm_clusterdatareporter_additional_attributes_namespace value: k8s_project=(name), k8s_cluster_name=(k8s_namespace_clustername) - name: apmenv_com_ca_apm_clusterdatareporter_additional_attributes_pod value: k8s_pod_name=(name), k8s_project=(k8s_pod_namespace), k8s_cluster_name=(k8s_pod_clustername) - name: apmenv_com_ca_apm_clusterdatareporter_additional_attributes_deployment value: k8s_project=(k8s_deployment_namespace), k8s_cluster_name=(k8s_deployment_clustername) - name: apmenv_com_ca_apm_clusterdatareporter_additional_attributes_deploymentconfig value: k8s_project=(k8s_deploymentconfig_namespace), k8s_cluster_name=(k8s_deploymentconfig_clustername) - name: apmenv_com_ca_apm_clusterdatareporter_additional_attributes_daemonset value: k8s_project=(k8s_daemonset_namespace), k8s_cluster_name=(k8s_daemonset_clustername) - name: apmenv_com_ca_apm_clusterdatareporter_additional_attributes_container value: k8s_pod_nodename=(k8s_container_nodename), k8s_pod_container_name=(name), k8s_pod_name=(k8s_container_podname),k8s_project=(k8s_container_namespace),k8s_pod_container_id=(k8s_container_id), k8s_cluster_name=(k8s_container_clustername) - name: apmenv_com_ca_apm_clusterdatareporter_additional_attributes_replicaset value: k8s_project=(k8s_replicaset_namespace), k8s_cluster_name=(k8s_replicaset_clustername) - name: apmenv_com_ca_apm_clusterdatareporter_additional_attributes_service value: k8s_project=(k8s_service_namespace), k8s_cluster_name=(k8s_service_clustername) - name: apmenv_com_ca_apm_clusterdatareporter_additional_attributes_statefulset value: k8s_project=(k8s_statefulset_namespace), k8s_cluster_name=(k8s_statefulset_clustername) - name: apmenv_com_ca_apm_clusterdatareporter_additional_attributes_cronjob value: k8s_project=(k8s_cronjob_namespace), k8s_cluster_name=(k8s_cronjob_clustername) - name: apmenv_cluster_name valueFrom: configMapKeyRef: key: cluster_name name: caaiops-config-common - name: apmenv_introscope_agent_customProcessName valueFrom: configMapKeyRef: key: agentNaming_deployment_apmia_process name: caaiops-config-common - name: apmenv_introscope_agent_hostName valueFrom: configMapKeyRef: key: cluster_name name: caaiops-config-common - name: apmenv_introscope_agent_agentName valueFrom: configMapKeyRef: key: agentNaming_deployment_apmia_agent name: caaiops-config-common - name: apmenv_introscope_agent_extensions_bundles_load value: ZipkinTracing, OpenTracing, ClusterDataReporter, - name: MIN_HEAP_VAL_IN_MB value: "64" - name: MAX_HEAP_VAL_IN_MB value: "800" - name: METADATA_GRAPH_BUFFER_SIZE value: "100" - name: cluster_name valueFrom: configMapKeyRef: key: cluster_name name: caaiops-config-common - name: apmenv_agent_distributedTracing_collector_zipkin_server_hostport valueFrom: configMapKeyRef: key: zipkinTracing_zipkinServer_hostport name: caaiops-config-common - name: apmenv_introscope_agent_opentracing_grpc_server_hostport valueFrom: configMapKeyRef: key: opentracing_grpc_hostport name: caaiops-config-common - name: apmenv_com_ca_apm_clusterdatareporter_vertex_ttltime_minutes valueFrom: configMapKeyRef: key: clusterPerformance_dataReporter_vertex_ttl name: caaiops-config-common - name: apmenv_com_ca_apm_clusterdatareporter_vertex_refreshtime_minutes valueFrom: configMapKeyRef: key: clusterPerformance_dataReporter_vertex_refreshInterval name: caaiops-config-common name: uma image: caapm/universalmonitoragent:2022.8.0.44 livenessProbe: httpGet: path: /healthz port: 8888 initialDelaySeconds: 60 periodSeconds: 60 resources: limits: cpu: 2 memory: 1G requests: cpu: 200m memory: 300Mi imagePullPolicy: Always restartPolicy: Always selector: matchLabels: app: apmia-deployment --- # Source: uma/templates/deployment_clusterdiscovery.yaml # Cluster Discovery Service apiVersion: apps/v1 kind: Deployment metadata: name: clusterinfo namespace: caapm labels: app: cagent module: clusterinfo annotations: ca.broadcom.application.name: kubernete-cluster-monitoring spec: replicas: 1 template: metadata: name: clusterinfo labels: app: cagent module: clusterinfo spec: serviceAccountName: uma containers: - name: clusterinfo image: caapm/universalmonitoragent:2022.8.0.44 env: #- name: CAAPM_CLUSTERINFO_DATA_WATCHERS_TIMEOUT # value: "240" - name: type value: Kubernetes - name: agent_connection_compatibility_version valueFrom: configMapKeyRef: key: agentManager_version name: caaiops-config-common - name: cluster_name valueFrom: configMapKeyRef: key: cluster_name name: caaiops-config-common - name: clusterinfo_events_enabled valueFrom: configMapKeyRef: key: cluster_events_monitoring_enabled name: caaiops-config-common - name: clusterinfo_events_fieldSelector valueFrom: configMapKeyRef: key: cluster_events_fieldSelector name: caaiops-config-common - name: clusterinfo_events_namespaceFilter valueFrom: configMapKeyRef: key: cluster_events_namespaceFilter name: caaiops-config-common - name: clusterinfo_events_tenantToken valueFrom: configMapKeyRef: key: agentManager_credential name: caaiops-config-common - name: clusterinfo_events_tenantIngestionUrl valueFrom: configMapKeyRef: key: agentManager_url_1 name: caaiops-config-common - name: clusterinfo_events_tenantId valueFrom: configMapKeyRef: key: agentManager_tenantId name: caaiops-config-common - name: clusterinfo_events_elasticDocTypeId valueFrom: configMapKeyRef: key: cluster_events_docId name: caaiops-config-common - name: clusterinfo_events_elasticDocTypeVersion valueFrom: configMapKeyRef: key: cluster_events_docVersion name: caaiops-config-common - name: clusterinfo_events_elasticProduct valueFrom: configMapKeyRef: key: cluster_events_product name: caaiops-config-common - name: clusterinfo_events_perDayClamp valueFrom: configMapKeyRef: key: cluster_events_perDayClamp name: caaiops-config-common - name: node_noscheduleTaint_skipMetricAggregation_enabled value: "true" resources: limits: cpu: 2 memory: 2.7G requests: cpu: 500m memory: 900Mi imagePullPolicy: Always livenessProbe: httpGet: path: /up port: 8080 initialDelaySeconds: 60 periodSeconds: 120 command: ["/usr/local/openshift/apmia/jre/bin/java", "-Xms256m","-Xmx1024m", "-Dlogging.config=file:/usr/local/openshift/logback.xml", "-jar", "/clusterinfo-1.0.jar"] restartPolicy: Always selector: matchLabels: module: clusterinfo --- # Source: uma/templates/deployment_httpcollector.yaml # APMIA HTTP Collector Deployment. apiVersion: apps/v1 kind: Deployment metadata: name: apmia-http-collector namespace: caapm labels: app: apmia-http-collector spec: replicas: 1 selector: matchLabels: app: apmia-http-collector template: metadata: name: apmia-http-collector labels: app: apmia-http-collector deployment.name: http-collector-agent spec: serviceAccountName: uma containers: - env: - name: agentManager_url_1 valueFrom: configMapKeyRef: key: agentManager_url_1 name: caaiops-config-common - name: agentManager_credential valueFrom: configMapKeyRef: key: agentManager_credential name: caaiops-config-common - name: apmenv_introscope_agent_agentName valueFrom: fieldRef: fieldPath: metadata.name - name: apmenv_introscope_agent_hostName valueFrom: configMapKeyRef: key: agentNaming_deployment_httpCollector_host name: caaiops-config-common - name: apmenv_introscope_agent_customProcessName valueFrom: configMapKeyRef: key: agentNaming_deployment_httpCollector_process name: caaiops-config-common - name: apmenv_introscope_agent_extensions_bundles_load value: "http-collector, NodeExtension," - name: apmenv_introscope_agent_urlgroup_frontend_url_clamp value: "12" - name: apmenv_introscope_agent_urlgroup_backend_url_clamp value: "12" - name: apmenv_introscope_agent_stalls_transaction_untrack_thresholdseconds value: "90" - name: apmenv_http_collector_host value: "0.0.0.0" - name: apmenv_http_collector_port value: "8085" - name: apmenv_http_collector_displayName valueFrom: fieldRef: fieldPath: metadata.name - name: apmenv_http_collector_threadPoolSize value: "32" - name: apmenv_http_collector_start_delay value: "5" - name: apmenv_transaction_message_expirySeconds value: "5" - name: apmenv_http_collector_distributed_memory_grid_enabled value: "false" - name: MIN_HEAP_VAL_IN_MB value: "512" - name: MAX_HEAP_VAL_IN_MB value: "4096" - name: nodename valueFrom: fieldRef: fieldPath: spec.nodeName - name: HostMonitoring value: "disabled" name: http-collector-agent image: caapm/universalmonitoragent:2022.8.0.44 imagePullPolicy: Always ports: - containerPort: 8085 - containerPort: 5071 livenessProbe: httpGet: path: /apmia/datacollector/healthz port: 8085 initialDelaySeconds: 60 periodSeconds: 60 resources: limits: cpu: 2 memory: 2G requests: cpu: 2 memory: 512Mi --- # Source: uma/templates/deployment_probeautoattach.yaml # Probe Auto Attach apiVersion: apps/v1 kind: Deployment metadata: name: apm-probe-autoattach-monitor namespace: caapm labels: app: apm-probe-autoattach spec: replicas: 1 template: metadata: labels: app: apm-probe-autoattach deployment.name: apm-probe-autoattach-monitor spec: serviceAccountName: uma containers: - name: apm-probe-autoattach image: caapm/universalmonitoragent:2022.8.0.44 command: - "/apm-probe-autoattach-linux-amd64" - "-tlsCertFile=/etc/webhook/certs/cert.pem" - "-tlsKeyFile=/etc/webhook/certs/key.pem" - "2>&1" env: - name: GRIZZLY_COLLECTOR_HOST value: "" - name: GRIZZLY_COLLECTOR_PORT value: "8085" - name: SUSTAINABILITY_METRICS value: "false" - name: LOG_LEVEL value: "3" - name: INSTID valueFrom: fieldRef: fieldPath: metadata.name - name: APP_NAME value: apm-probe-autoattach volumeMounts: - name: apm-probe-autoattach-certs mountPath: /etc/webhook/certs readOnly: true - name: apm-probe-autoattach-config mountPath: /etc/webhook/config resources: limits: cpu: 4 memory: 200Mi requests: cpu: 400m memory: 80Mi imagePullPolicy: Always volumes: - name: apm-probe-autoattach-certs secret: secretName: caaiops-probe-autoattach-certs - name: apm-probe-autoattach-config configMap: name: caaiops-probe-autoattach-configmap selector: matchLabels: app: apm-probe-autoattach --- # Source: uma/templates/deployment_prometheus.yaml # Prometheus based Deployment. What is the Agent triplet name ? # Agent from Container1 will be reported to |ClusterMonitoring|Prometheus Agent apiVersion: apps/v1 kind: Deployment metadata: name: cluster-performance-prometheus namespace: caapm labels: app: prometheus-deployment spec: replicas: 1 template: metadata: name: prometheus-deployment labels: app: prometheus-deployment spec: serviceAccountName: uma initContainers: - name: init-clusterinfo image: caapm/universalmonitoragent:2022.8.0.44 command: ['bash', '-c', 'until [ $(curl --connect-timeout 5 --max-time 10 --write-out %{http_code} --silent --output /dev/null ${CLUSTERINFO_SERVICE_HOST}:${CLUSTERINFO_SERVICE_PORT}/up) -eq 200 ]; do sleep 2; done'] resources: limits: cpu: 20m memory: 20Mi requests: cpu: 10m memory: 10Mi containers: - env: - name: agentManager_url_1 valueFrom: configMapKeyRef: key: agentManager_url_1 name: caaiops-config-common - name: agentManager_credential valueFrom: configMapKeyRef: key: agentManager_credential name: caaiops-config-common - name: apmenv_introscope_agent_connection_compatibility_version valueFrom: configMapKeyRef: key: agentManager_version name: caaiops-config-common - name: apmenv_introscope_agent_extensions_bundles_load value: KubernetesRemoteMonitor, PrometheusImporter, - name: apmenv_com_ca_apm_kubernetes_remote_monitor_type value: prometheus - name: apmenv_com_ca_apm_kubernetes_prometheus_datafile value: haproxy,kube-state-metric,coredns,etcd,apiserver - name: apmenv_introscope_agent_agentName valueFrom: configMapKeyRef: key: agentNaming_deployment_prometheus_agent name: caaiops-config-common - name: apmenv_introscope_agent_customProcessName valueFrom: configMapKeyRef: key: agentNaming_deployment_prometheus_process name: caaiops-config-common - name: apmenv_introscope_agent_hostName valueFrom: configMapKeyRef: key: cluster_name name: caaiops-config-common - name: apmenv_com_ca_apm_kubernetes_clusterName valueFrom: configMapKeyRef: key: cluster_name name: caaiops-config-common - name: nodename valueFrom: fieldRef: fieldPath: spec.nodeName - name: apmenv_com_ca_apm_kubernetes_prometheus_autodiscovery value: "true" - name: type value: "Kubernetes" - name: MIN_HEAP_VAL_IN_MB value: "64" - name: apmenv_introscope_epagent_config_httpServerPort value: "8888" - name: apmenv_com_wily_instroscope_agent_metric_calculators_k8scluster value: "/usr/local/openshift/apmia/extensions/KubernetesRemoteMonitor/config/calculator/clusterCalculator.json" - name: APISERVER_MONITORING_ENABLED value: "true" - name: HostMonitoring value: disabled - name: cluster_name valueFrom: configMapKeyRef: key: cluster_name name: caaiops-config-common - name: apmenv_cluster_name valueFrom: configMapKeyRef: key: cluster_name name: caaiops-config-common - name: apmenv_com_ca_apm_prometheus_metric_importer_endpoints value: prometheus - name: apmenv_com_ca_apm_prometheus_metric_importer_endpoint_prometheus_url valueFrom: configMapKeyRef: key: prometheus_server_url name: caaiops-config-common - name: apmenv_com_ca_apm_prometheus_metric_importer_endpoint_prometheus_username valueFrom: configMapKeyRef: key: prometheus_server_username name: caaiops-config-common - name: apmenv_com_ca_apm_prometheus_metric_importer_endpoint_prometheus_password valueFrom: configMapKeyRef: key: prometheus_server_password name: caaiops-config-common - name: apmenv_com_ca_apm_prometheus_metric_importer_endpoint_prometheus_token valueFrom: configMapKeyRef: key: prometheus_server_token name: caaiops-config-common - name: apmenv_com_ca_apm_prometheus_metric_importer_endpoint_prometheus_polling_frequency value: "30" - name: apmenv_com_ca_apm_prometheus_metric_importer_endpoint_prometheus_useSecretKey value: "true" - name: apmenv_com_ca_apm_prometheus_metric_importer_endpoint_prometheus_config_files value: "k8s-cluster.yaml,k8s-container.yaml,k8s-pod.yaml,k8s-namespace.yaml,k8s-node.yaml,k8s-istio.yaml,k8s-deployment.yaml,k8s-daemonset.yaml,k8s-replicaset.yaml,k8s-statefulset.yaml" - name: apmenv_prometheus_metric_name_alias value: "container_name=container,pod_name=pod" - name: apmenv_prometheus_metric_name_alias_exception value: k8s-pod-mapdata.yaml,k8s-container-mapdata.yaml name: kubernetesservice image: caapm/universalmonitoragent:2022.8.0.44 resources: limits: cpu: 2 memory: 1G requests: cpu: 200m memory: 300Mi livenessProbe: httpGet: path: /healthz port: 8888 initialDelaySeconds: 60 periodSeconds: 60 imagePullPolicy: Always volumeMounts: - name: config-volume mountPath: /usr/local/openshift/apmia/extensions/KubernetesRemoteMonitor/config/prometheus - name: custom-promql-config-volume mountPath: /usr/local/openshift/apmia/extensions/PrometheusImporter/config/custom-promql volumes: - name: config-volume configMap: name: caaiops-config-prometheus - name: custom-promql-config-volume configMap: name: custom-promql-config optional: true selector: matchLabels: app: prometheus-deployment --- # Source: uma/templates/kafka_monitor.yaml apiVersion: apps/v1 kind: Deployment metadata: name: apm-kafka-monitor namespace: caapm labels: tier: monitoring app: kafka-monitor spec: selector: matchLabels: app: kafka-monitor template: metadata: labels: app: kafka-monitor annotations: ca.broadcom.application.name: kafka-monitor spec: tolerations: - key: node-role.kubernetes.io/master effect: NoSchedule - key: node-role.kubernetes.io/storage effect: NoSchedule - key: node-role.kubernetes.io/infra effect: NoSchedule - effect: NoSchedule operator: Exists - effect: NoExecute operator: Exists containers: - name: apm-kafka-monitor image: caapm/universalmonitoragent:2022.8.0.44 imagePullPolicy: Always securityContext: privileged: true env: - name: agentManager_url_1 valueFrom: configMapKeyRef: key: agentManager_url_1 name: caaiops-config-common - name: agentManager_credential valueFrom: configMapKeyRef: key: agentManager_credential name: caaiops-config-common - name: apmenv_introscope_agent_connection_compatibility_version valueFrom: configMapKeyRef: key: agentManager_version name: caaiops-config-common - name: nodename valueFrom: fieldRef: fieldPath: spec.nodeName - name: apmenv_introscope_agent_hostName valueFrom: configMapKeyRef: key: cluster_name name: caaiops-config-common - name: apmenv_introscope_agent_customProcessName valueFrom: configMapKeyRef: key: agentNaming_deployment_apmia_process name: caaiops-config-common - name: apmenv_introscope_agent_agentName value: "Kafka Agent" - name: apmenv_introscope_agent_extensions_bundles_load value: KafkaExtension - name: MIN_HEAP_VAL_IN_MB value: "64" - name: type value: Kubernetes - name: interval value: "60" - name: apmenv_introscope_epagent_config_httpServerPort value: "8888" - name: apmenv_introscope_agent_kafka_k8s_broker_discovery_localOnly value: "false" - name: apmenv_introscope_agent_kafka_k8s_broker_discovery_namespace value: - name: apmenv_introscope_agent_kafka_consumergroups_enabled value: "true" - name: apmenv_introscope_agent_kafka_consumergroups_filter value: - name: apmenv_introscope_agent_kafka_broker_jmx_config_modules value: "kafka,jvm,memory" - name: apmenv_introscope_agent_kafka_broker_jmx_include_filter value: "" - name: apmenv_introscope_agent_kafka_broker_jmx_exclude_filter value: "" - name: apmenv_introscope_agent_kafka_config_polling_interval_seconds value: "300" - name: apmenv_introscope_agent_kafka_atc_enabled value: "true" - name: apmenv_introscope_agent_kafka_atc_graphTtl value: "1800000" - name: apmenv_introscope_agent_metricClamp value: "50000" - name: apmenv_introscope_agent_remotejmx_clamp value: "50000" resources: limits: cpu: 1000m memory: 1G requests: cpu: 200m memory: 300Mi livenessProbe: httpGet: path: /healthz port: 8888 initialDelaySeconds: 120 failureThreshold: 2 periodSeconds: 180 volumeMounts: volumes: --- # Source: uma/templates/deployment_collector.yaml # Collector Service --- # Source: uma/templates/ingress_httpcollector.yaml # --- # Create Ingress Resource here if you are using HTTP Collector with Ingress Controller Load Balancer --- # Source: uma/templates/deployment_probeautoattach.yaml apiVersion: admissionregistration.k8s.io/v1 kind: MutatingWebhookConfiguration metadata: name: apm-probe-autoattach-cfg namespace: caapm labels: app: apm-probe-autoattach webhooks: - name: apm-probe-autoattach.caapm.io clientConfig: service: name: apm-probe-autoattach-svc namespace: caapm path: "/mutate" caBundle: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURqekNDQW5lZ0F3SUJBZ0lKQVBpb2lQQm9HL010TUEwR0NTcUdTSWIzRFFFQkN3VUFNRjR4Q3pBSkJnTlYKQkFZVEFrbE9NUkV3RHdZRFZRUUtEQWhDY205aFpHTnZiVEVQTUEwR0ExVUVDd3dHUTBFZ1FWQk5NU3N3S1FZRApWUVFERENKaGNHMHRjSEp2WW1VdFlYVjBiMkYwZEdGamFDMXpkbU11WTJGaGNHMHVjM1pqTUI0WERUSXhNRE16Ck1UQTNNak14TjFvWERUSTBNREV4T1RBM01qTXhOMW93WGpFTE1Ba0dBMVVFQmhNQ1NVNHhFVEFQQmdOVkJBb00KQ0VKeWIyRmtZMjl0TVE4d0RRWURWUVFMREFaRFFTQkJVRTB4S3pBcEJnTlZCQU1NSW1Gd2JTMXdjbTlpWlMxaApkWFJ2WVhSMFlXTm9MWE4yWXk1allXRndiUzV6ZG1Nd2dnRWlNQTBHQ1NxR1NJYjNEUUVCQVFVQUE0SUJEd0F3CmdnRUtBb0lCQVFDeXZCa3RhOHN5NFVHL3JhZjU5MDgzZWp1d01VVWFXRml1SHNNRlZWZHdKc2pXL1pEVFVzRUsKcml6VXZLZVVRT2kyWnhLbWxYUmNVb0tHYkVwWSsydWtsOTNrOTZIVWgwVG8wUnRuekdvdHg5SHhTYUFoT0ZvUwprbEVsb2hyQTdSUUMyTXZIK3oyQzVKdG5YSWRFdHh1dmRpWkpTTGliNFpzdE9NOFNwMWt6VEdQTEE5UVR2NUNwCjVuZUIrTVVmR2EwZVUra2VaLzMvM1NwVTB4SXphaUdTZExMWm9hZm9Tb2dabUp4citsNnJNQ1IvUVBIOStKRmsKMHRFVG9GRDlHTHd5RjRFdVkyOVBiTk9PMXB2N2JDQ3JjTlRwR25NaEc0ekd4c2hJSEFWY0lOeHpTL0N5cEtnUQpYRVd4UUtWUlBzN1FQSVhCYTFFYTdWb2Q1WU9KUTNZSkFnTUJBQUdqVURCT01CMEdBMVVkRGdRV0JCUk8yNHJICkR0bEhaU1cyRVZzZm9XdnNFUkhPNHpBZkJnTlZIU01FR0RBV2dCUk8yNHJIRHRsSFpTVzJFVnNmb1d2c0VSSE8KNHpBTUJnTlZIUk1FQlRBREFRSC9NQTBHQ1NxR1NJYjNEUUVCQ3dVQUE0SUJBUUJOSFd6WFNWQnBoR2dnbHRCeQpjZFB5dTdpcWVITmc4b1Y3cHIwRVNtUGt6cjFySWRMbkdJb0hvU2FrNzNUU3NMdnY0ZVp2aWRobXA2UWl6dk9kCnRNYk9iN0E0c3NhYjAxS2d6cGRsSnhkazVjK3FHcFRqWGZaN1VUY1ZVaTRSYmJncEZIYTZxS3lPOWN0cDZ0bXIKd1JLY0lodzJzYVFjYTZiNEFCWERuOHhZckdDN2VmeHFQaGdSUjhtRkkzcTU2S2dySmVjK0RJcXhVeTRGZzhMRwpnY1hNZmhmRVBiMzVJK0x5N2FEVml4dXhFNFpsdWk0cTJ5SlZiSmNxejlvaG1iODRlVXpFRGxEUEVLcUJhbVdGCjNyT21iMjVlZW9GSnViZHFDaktub1RqQms0WDErTkFBblkwSzBRcGhBeDlTVVFLSkozUFd2Y1UvMXhkSWJiUm8KcURNZQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg== rules: - operations: ["CREATE", "UPDATE"] apiGroups: [""] apiVersions: ["v1beta1", "v1"] resources: ["pods"] namespaceSelector: matchLabels: probe-autoattach: enabled admissionReviewVersions: ["v1beta1", "v1"] sideEffects: None